Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=artists.bpm.app
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
October 23, 2025
Valid Until
January 21, 2026
60 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
59:17:EE:CE:73:FF:E3:A4:6E:C8:24:0F:41:21:4C:E4:C8:3F:74:97:E2:19:BC:6F:19:51:9C:4D:E2:A5:D3:0F
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
carpetmasters.co
accesscs.org
amooto.in
www.andresenapiaries.ca
aumarche.net
client-dev.beamylabs.com
einhorn.bezahl.de
artists.bpm.app
www.burnoutapp.be
bymitta.nl
test.carlosalonsofisioterapia.es
www.ccsonline.app
game.clubcrayon.com
clubescuelasolidaria.org
app.hariel.co.il
destinations2019.mako.co.il
boon.com.hk
madakiproperties.com.ng
www.sft.com.pk
starmind.comfyspace.tech
businessriver.constructionawards.ie
cutlassware.com
day4u.in
gpx.detecht.se
dhanucrackers.in
wofe.divarch.com
dontflywizzair.com
panel.queue.e-ceos.com.br
rsc-link.ehubstar.com
amin.exploredata.app
www.findafh.org
fosterphi.in
geeft.io
gestoriaknk.es
www.growtovchani.com
www.grtfl.io
www.hernandezrentalsllc.com
hexreviews.co.uk
www.icoriha.com
www.imaadjunaidi.com
www.ivaloairport.fi
www.jasonyounan.com
jeremyfossette.fr
jhumkaplanet.com
kalektar.org
wa.malvre.com
rc.massart.org
www.mcs-specialist.com
meddelivery.in
consult.medeintegra.app
controle-dev.mobilizei.com.br
mosahay.info
moto4rent.lv
gtc.mstubbs.net
www.mytherapeasy.com
staging.support.nival.me
www.on-sen.jp
app.onfat.cy
fupacel.org.py
osadchy.pro
www.psypack.com
www.pulsarenergy.com
quantalytics-ai.com
quickfuel.shop
campaign.rideshimano.com
rktsim.com.br
ryannovas.com
door.samweaver.com
satyaki.dev
app.scaffinspect.se
shikoinu.de
sso.shoegeeks.in
link.sikkaapp.in
app.siteinfinite.com
www.skeptonomics.com
z6dhib7lisp7hkfvz2tq.smartimob.io
staging.stockrepublic.net
staging.admin.storagepug.com
kumamoto2.tabingo.com
kumamoto5.tabingo.com
tekingb.com
www.thaigai.app
bookings.theasiacollective.com
links.thebitcoincompany.com
www.thrivepediatricspeech.com
thuykieu0706.online
tuggar.com
ajans-tema-1.ultof.com
unitysworkshop.com
www.unyleague.com
www.urbafix.com.mx
friendfeed.urbansheep.com
www.vavvyox.com
waotools.com
www.hr.wedevelop.me
whento.info
winnay.com
xenotive.com
yourdreamjobinaustralia.com
ziofood.co.za
Other domains in certificate